/* This function makes serf use SSL on the connection. */
apr_status_t default_https_conn_setup(apr_socket_t *skt,
serf_bucket_t **input_bkt,
serf_bucket_t **output_bkt,
void *setup_baton,
apr_pool_t *pool)
{
test_baton_t *tb = setup_baton;
*input_bkt = serf_bucket_socket_create(skt, tb->bkt_alloc);
*input_bkt = serf_bucket_ssl_decrypt_create(*input_bkt, NULL,
tb->bkt_alloc);
tb->ssl_context = serf_bucket_ssl_encrypt_context_get(*input_bkt);
if (output_bkt) {
*output_bkt = serf_bucket_ssl_encrypt_create(*output_bkt,
tb->ssl_context,
tb->bkt_alloc);
}
if (tb->server_cert_cb)
serf_ssl_server_cert_callback_set(tb->ssl_context,
tb->server_cert_cb,
tb);
serf_ssl_set_hostname(tb->ssl_context, "localhost");
return APR_SUCCESS;
}
static serf_bucket_t* conn_setup(apr_socket_t *skt,
void *setup_baton,
apr_pool_t *pool)
{
serf_bucket_t *c;
app_baton_t *ctx = setup_baton;
c = serf_bucket_socket_create(skt, ctx->bkt_alloc);
if (ctx->using_ssl) {
c = serf_bucket_ssl_decrypt_create(c, ctx->ssl_ctx, ctx->bkt_alloc);
}
return c;
}
static serf_bucket_t *
s_connection_setup(apr_socket_t *skt, void *setup_ctx, apr_pool_t *UNUSED(pool))
{
serf_bucket_t *c;
app_ctx_t *ctx = (app_ctx_t *)setup_ctx;
c = serf_bucket_socket_create(skt, ctx->bkt_alloc);
if (ctx->ssl_flag) {
c = serf_bucket_ssl_decrypt_create(c, ctx->ssl_ctx, ctx->bkt_alloc);
if (!ctx->ssl_ctx) {
ctx->ssl_ctx = serf_bucket_ssl_decrypt_context_get(c);
serf_ssl_use_default_certificates(ctx->ssl_ctx);
serf_ssl_server_cert_callback_set(ctx->ssl_ctx, NULL, NULL);
}
return c;
}
return c;
}
static apr_status_t conn_setup(apr_socket_t *skt,
serf_bucket_t **input_bkt,
serf_bucket_t **output_bkt,
void *setup_baton,
apr_pool_t *pool)
{
serf_bucket_t *c;
conn_baton_t *conn_ctx = setup_baton;
app_baton_t *ctx = conn_ctx->app;
c = serf_context_bucket_socket_create(ctx->serf_ctx, skt,
ctx->bkt_alloc);
if (ctx->using_ssl) {
c = serf_bucket_ssl_decrypt_create(c, conn_ctx->ssl_ctx, ctx->bkt_alloc);
if (!conn_ctx->ssl_ctx) {
conn_ctx->ssl_ctx = serf_bucket_ssl_decrypt_context_get(c);
}
serf_ssl_server_cert_chain_callback_set(conn_ctx->ssl_ctx,
ignore_all_cert_errors,
print_certs, NULL);
serf_ssl_set_hostname(conn_ctx->ssl_ctx, ctx->hostinfo);
*output_bkt = serf_bucket_ssl_encrypt_create(*output_bkt,
conn_ctx->ssl_ctx,
ctx->bkt_alloc);
if (ctx->pem_path) {
serf_ssl_client_cert_provider_set(conn_ctx->ssl_ctx,
client_cert_cb,
ctx,
pool);
}
if (ctx->pem_pwd) {
serf_ssl_client_cert_password_set(conn_ctx->ssl_ctx,
client_cert_pw_cb,
ctx,
pool);
}
}
*input_bkt = c;
return APR_SUCCESS;
}
/* Test setting up the openssl library. */
static void test_ssl_init(CuTest *tc)
{
serf_bucket_t *bkt, *stream;
serf_ssl_context_t *ssl_context;
apr_status_t status;
apr_pool_t *test_pool = test_setup();
serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(test_pool, NULL,
NULL);
stream = SERF_BUCKET_SIMPLE_STRING("", alloc);
bkt = serf_bucket_ssl_decrypt_create(stream, NULL,
alloc);
ssl_context = serf_bucket_ssl_decrypt_context_get(bkt);
bkt = serf_bucket_ssl_encrypt_create(stream, ssl_context,
alloc);
status = serf_ssl_use_default_certificates(ssl_context);
CuAssertIntEquals(tc, APR_SUCCESS, status);
test_teardown(test_pool);
}
